Chrooted sftp on rhel3

Johan Booysen johan at matrix-data.co.uk
Fri Jun 15 16:56:34 UTC 2007


Well, in /etc/rssh.conf there are some user-related examples, but I
can't quite make out how to use them:

#user=rudy:011:00100:  # cvs, with no chroot
#user=rudy:011:01000:  # rdist, with no chroot
#user=rudy:011:10000:  # rsync, with no chroot
#user=rudy:011:00001:"/usr/local/my chroot"  # scp with chroot
#user=rudy:011:00010:"/usr/local/my chroot"  # sftp with chroot

Johan

-----Original Message-----
From: redhat-list-bounces at redhat.com
[mailto:redhat-list-bounces at redhat.com] On Behalf Of Carl Reynolds
Sent: 15 June 2007 17:37
To: General Red Hat Linux discussion list
Subject: Re: Chrooted sftp on rhel3

Johan Booysen wrote:
> Hi everyone,
> 
> I'm doing some tests setting up an sftp server, with setting up a 
> chroot jail for ftp users.
> 
> <snip...>
> 
> Any ideas on how to restrict access so ftp users are locked into their
> own home directories - if that is even possible?  It doesn't seem like
> much of an issue to me, but I'd appreciate your thoughts.

I did this five or six years ago. I don't remember the details, but I
can tell you it is possible to do. I seem to remember that I somehow set
the chrootpath to /home/<user-directory> for each user. This made that
directory the root for that user when they sign on so there is no way for
them to cd in /home. Thus they can't see the other users' directories.

The advantage of doing it this way is that it is far less resource
intensive than setting up a virtual machine for each user as they sign
on.



Carl.
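
As an added illustration (not part of the original messages and not rssh's own code), the sketch below decodes per-user lines of the form shown in the commented /etc/rssh.conf examples above and flags active entries that grant a protocol without a chroot path. The field layout and bit order are read off those examples; the helper names parse_user_line and audit, and the users alice, bob and carol with their paths, are constructed for the example.

```python
import re

# Bit order as annotated in the commented examples quoted in the post:
# 10000 rsync, 01000 rdist, 00100 cvs, 00010 sftp, 00001 scp
PROTOCOLS = ("rsync", "rdist", "cvs", "sftp", "scp")

# user=<name>:<umask>:<access bits>:<optional chroot path>  [# comment]
USER_LINE = re.compile(
    r'^\s*user\s*=\s*(?P<name>[^:\s]+):(?P<umask>[0-7]{3}):(?P<bits>[01]{5}):'
    r'\s*(?:"(?P<quoted>[^"]*)"|(?P<bare>[^\s#]*))\s*(?:#.*)?$'
)

# Constructed sample: alice, bob, carol and their paths are made up.
SAMPLE = """\
#user=rudy:011:00010:"/usr/local/my chroot"  # sftp with chroot
user=alice:011:00010:/home/alice   # sftp only, jailed in her home
user=bob:011:00011:"/home/bob files"
user=carol:022:10000:              # rsync, with no chroot
"""

def parse_user_line(line):
    """Decode one active 'user=' line; None for comments and anything else."""
    m = USER_LINE.match(line)
    if m is None:
        return None
    chroot = m.group("quoted") if m.group("quoted") is not None else m.group("bare")
    allowed = [p for p, bit in zip(PROTOCOLS, m.group("bits")) if bit == "1"]
    return {"user": m.group("name"), "umask": int(m.group("umask"), 8),
            "allowed": allowed, "chroot": chroot or None}

def audit(conf_text):
    """List active entries that grant a protocol without a chroot path."""
    warnings = []
    for lineno, line in enumerate(conf_text.splitlines(), 1):
        entry = parse_user_line(line)
        if entry and entry["allowed"] and entry["chroot"] is None:
            warnings.append("line %d: %s may use %s with no chroot" % (
                lineno, entry["user"], ", ".join(entry["allowed"])))
    return warnings

if __name__ == "__main__":
    for line in SAMPLE.splitlines():
        print(parse_user_line(line))
    print(audit(SAMPLE))
```

Lines that still begin with "#", like the examples shipped in the file, are treated as inactive and ignored.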

